Google’s Kenyan web site was reportedly inaccessible yesterday due to a hijacking of the company’s local domain name.

Google.co.ke briefly redirected users to a site bearing the slogan “hacked” on a black background, according to the Daily Nation. A change of DNS was blamed.

Google Kenya reportedly said:

Google services in Kenya were not hacked. For a short period, some users visiting www.google.co.ke and a few other website were re-directed to a different website. We are in contact with the organisation responsible for managing domain names in Kenya.

Google is of course a high-profile target; hackers often exploit weaknesses at third-party providers such as domain name registries in order to take down its satellite sites.

Its Irish site was taken down in October last year, after attackers broke in through a vulnerability in IEDR’s Joomla content management system.

Verisign is causing a bit of a commotion among its registrar channel by demanding 24/7 support for customers whose .com domains have been hijacked.

The changes, we understand, are among a few being introduced into Verisign’s new registry-registrar agreement for .com, which coincides with the renewal of its registry agreement with ICANN.

New text in the RRA states that: “Registrar shall, consistent with ICANN policy, provide to Registered Name Holders emergency contact or 24/7 support information for critical situations such as domain name hijacking.”

From the perspective of registrants, this sounds like a pretty welcome move: who wouldn’t want 24/7 support?

While providing around the clock support might not be a problem for the Go Daddies of the world, some smaller registrars are annoyed.

For a registrar with a small headcount, perhaps servicing a single time zone, 24/7 support would probably mean needing to hire more staff.

Their annoyance has been magnified by the fact that Verisign seems to be asking for these new support commitments without a firm basis in ICANN policy, we hear.

The recently updated transfers policy calls for a 24/7 Transfer Emergency Action Contact — in many cases just a staff member who doesn’t mind being hassled about work at 2am — but that’s meant to be reserved for use by registrars, registries and ICANN.

Register.com has apologised to Chinese portal company Baidu for allowing its domain, baidu.com, to be hijacked by the Iranian Cyber Army hacker group.

The two companies have announced that the lawsuit, which alleged gross negligence among other things, has now been settled. Terms were not disclosed.

If Baidu’s complaint was to be believed, the hackers took over baidu.com with a trivial social engineering attack that relied upon a Register.com tech support employee being asleep at the wheel.

The company is one of China’s largest internet firms, employing over 6,000 people and turning over well over $600 million a year. But for the period of the hijack, visitors to baidu.com instead just saw the hackers’ defacement message instead.

The registrar had argued in court that its terms and conditions released it from liability, but the judge didn’t buy it.

After an internal investigation, we found that the breach occurred because Register’s security protocols had been compromised. We have worked with United States law enforcement officials and Baidu to address the issue. We sincerely apologize to Baidu for the disruption that occurred to its services as a result of this incident.